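<?php
// Page title; set before the header include, which presumably reads it.
$template['title']='修改密码';
include 'inc/userHead_inc.php';


/*
 * Password-change handler. Runs only when the form posted an "old" field.
 *
 * Flow: verify the current password, then (when "submit" is present) check or
 * set the security question, and finally store the new password.
 *
 * NOTE(review): the account is selected by $_COOKIE['youyou']['name'], a value
 * the browser sends. Nothing in this file shows that the cookie is bound to an
 * authenticated session; confirm that inc/userHead_inc.php validates it, or key
 * these queries on a server-side session identity instead.
 * NOTE(review): passwords are stored as unsalted MD5 computed in SQL. Moving to
 * password_hash()/password_verify() needs a migration of the stored hashes, so
 * it is flagged here rather than changed.
 * NOTE(review): execute(), escape() and skip() are defined outside this file;
 * comments about them below are assumptions to confirm.
 */
if(isset($_POST['old'])){
	// Escape both client-supplied values before they reach the first query.
	// Previously they were interpolated raw: escape() only runs further down and
	// only covers $_POST, never the cookie. mysqli_real_escape_string() relies on
	// the connection charset being set correctly; bound parameters via
	// mysqli_prepare() would be the sturdier long-term fix.
	$escapedUser='';
	if(isset($_COOKIE['youyou']['name']) && is_string($_COOKIE['youyou']['name'])){
		$escapedUser=mysqli_real_escape_string($link,$_COOKIE['youyou']['name']);
	}
	// A non-string "old" (e.g. an array parameter) is treated as a wrong password.
	$escapedOld=is_string($_POST['old']) ? mysqli_real_escape_string($link,$_POST['old']) : null;

	// Verify the current password: exactly one row must match name + MD5(old).
	$data=0;
	if($escapedUser!=='' && $escapedOld!==null){
		$query="select * from userinfo where username='{$escapedUser}' and password=md5('{$escapedOld}')";
		$result=execute($link,$query);
		$data=mysqli_num_rows($result);
	}
	if($data==1){

		if(isset($_POST['submit'])){
			// Escape the remaining POST fields (project helper).
			$_POST=escape($link,$_POST);

			// If a security question exists, its answer must be verified;
			// otherwise this request sets the question and answer.
			$query="select security,answer from userinfo where username= '{$escapedUser}'";
			$result=execute($link,$query);
			$data=mysqli_fetch_assoc($result);
			if($data['security']){

				// Verify the answer with a strict string comparison. The loose !=
				// used before treats numeric-looking strings such as "0e1" and
				// "0e2" as equal. The stored answer comes from the row fetched
				// above, so no second query is needed.
				// NOTE(review): the submitted answer has already been through
				// escape(); answers containing quotes may not match the stored
				// value - confirm against escape()'s behaviour.
				$submittedAnswer=(isset($_POST['answer']) && is_string($_POST['answer'])) ? $_POST['answer'] : '';
				if($submittedAnswer!==(string)$data['answer']){
					skip('updataPw.php', 'error', '对不起，密保错误，请重试！');
					// Fail closed: the password update below must never run after a
					// failed answer, even if skip() were to return.
					exit;
				}

			}else{
				// Set the security question and answer.
				// NOTE(review): both outcomes call skip(); whether the password
				// update below also runs on this request depends on whether skip()
				// returns - cannot tell from this file.
				$query="update userinfo set security='{$_POST['security']}',answer='{$_POST['answer']}' where username='{$escapedUser}'";
				$result=execute($link,$query);
				if(mysqli_affected_rows($link)){
					skip('updataPw.php', 'ok', '恭喜您，密保设置成功！');
				}else{
					skip('updataPw.php', 'error', '对不起，设置密保失败，请稍后再试！');
				}
			}

			// The browser-side checks can be bypassed, so require here that a
			// non-empty new password was sent and that both copies match.
			// Without this a missing "new" field would store md5('').
			if(!isset($_POST['new'],$_POST['new2']) || !is_string($_POST['new']) || $_POST['new']==='' || $_POST['new']!==$_POST['new2']){
				skip('updataPw.php', 'error', '对不起，修改密码失败，请稍后再试！');
				exit;
			}

			// Store the new password for the account named by the cookie.
			$query="update userinfo set password=md5('{$_POST['new']}') where username='{$escapedUser}'";
			$result=execute($link,$query);
			$data=mysqli_affected_rows($link);
			if($data){
				skip('information.php', 'ok', '恭喜您，修改密码成功！');
			}else{
				skip('updataPw.php', 'error', '对不起，修改密码失败，请稍后再试！');
			}
		}
	}else{
		skip('updataPw.php', 'error', '对不起，原始密码错误！');
	}


}

?>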
	<div class="info">
		<div class="title">修改密码</div>
		<form action='' method='post' onsubmit="return checkUserName()" name="form">
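			<?php
				// Render the security-question widget: an answer box when the account
				// already has a question, otherwise the question picker plus answer box.
				// The cookie value is client-supplied, so escape it before it enters SQL.
				// NOTE(review): the account is chosen from the cookie alone; confirm the
				// header include ties it to an authenticated session.
				$escapedUser='';
				if(isset($_COOKIE['youyou']['name']) && is_string($_COOKIE['youyou']['name'])){
					$escapedUser=mysqli_real_escape_string($link,$_COOKIE['youyou']['name']);
				}
				$query="select security,answer from userinfo where username= '{$escapedUser}'";
				$result=execute($link,$query);
				$data=mysqli_fetch_assoc($result);
				// $data is null when no row matches; fall through to the setup widget.
				if(is_array($data) && $data['security']){
					// The stored question is user-supplied text (it is written from
					// $_POST['security']), so HTML-escape it before echoing.
					$question=htmlspecialchars($data['security'],ENT_QUOTES);
					echo "<div class='form-group security2'>
							<span class='name'><em>*</em>{$question}：</span>
							<input type='text' autocomplete='off' style='margin-left: 95px;' name='answer' class='form-control' placeholder='请输入正确答案' />
							<div class='pormpt alert'><p>请填写保密问题！</p></div>
						</div>";
				}else{
					// The last option previously carried the value of the "pet" option,
					// so picking it stored the wrong question.
					echo '<div class="form-group security">
							<span class="name"><em>*</em>设置密保：</span>
							<select name="security" style="width: 288px; margin:10px 0;" class="form-control">
								<option value="您的爱好">您的爱好</option>
								<option value="您的学号">您的学号</option>
								<option value="您的宠物">您的宠物</option>
								<option value="您的生日">您的生日</option>
								<option value="您的星座">您的星座</option>
							</select>
							<input type="text" autocomplete="off" style="margin-left: 102px;" name="answer" class="form-control" placeholder="请输入问题答案" />
							<div class="pormpt alert"><p>请设置密保，以保证您的账号安全！</p></div>
						</div>';
				}
			?>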
			<div class="form-group">
				<span class='name'><em>*</em>原始密码：</span>
				<input type='password' name="old" class='form-control' placeholder="请输入原始密码" />
				<em class="em2"></em>
				<div class="pormpt alert"><em></em><p>英文字符 6-12 位</p></div>
			</div>
			<div class="form-group">
				<span class='name'><em>*</em>修改密码：</span>
				<input type='password' name="new" class='form-control' placeholder="请输入修改密码" />
				<em class="em2 em3"></em>
				<div class="pormpt alert"><em></em><p>英文字符 6-12 位</p></div>
			</div>
			<div class="form-group">
				<span class='name'><em>*</em>确定密码：</span>
				<input type='password' name="new2" class='form-control' placeholder="请输入确定密码" />
				<em class="em2 em4"></em>
				<div class="pormpt alert"><em></em><p>英文字符 6-12 位</p></div>
			</div>
			<input type='submit' class='btn btn-info' name='submit' value='修改' />
		</form>
	</div>
</div>
	<?php
		include 'inc/footer_inc.php';
	?>
<script type="text/javascript">

	// The three password inputs, reached through the form's name attribute.
	var oldPass=document.form['old'];
	var pass=document.form['new'];
	var pass2=document.form['new2'];
	var oformGroup=document.getElementsByClassName('form-group');

	// Hint boxes. Index 0 belongs to the security-question group rendered first,
	// so the old / new / confirm password hints are indexes 1, 2 and 3.
	var oPrompts=document.getElementsByClassName('pormpt');
	var oIco=oPrompts[1].getElementsByTagName('em')[0];
	var oInfo=oPrompts[1].getElementsByTagName('p')[0];
	var oIco1=oPrompts[2].getElementsByTagName('em')[0];
	var oInfo1=oPrompts[2].getElementsByTagName('p')[0];
	var oIco2=oPrompts[3].getElementsByTagName('em')[0];
	var oInfo2=oPrompts[3].getElementsByTagName('p')[0];

	// Re-validate each field when it loses focus.
	oldPass.onblur=function(){
		checkPass0();
	};

	pass.onblur=function(){
		checkPass();
	};

	pass2.onblur=function(){
		checkPass2();
	};

	/**
	 * Validate the current-password field and update its hint box.
	 * Returns false when the field is empty or its length is outside 6..18,
	 * true otherwise. Browser-side convenience only; the server must not rely on it.
	 * NOTE(review): the success hint says 6-12 while the rule enforced is 6-18.
	 */
	function checkPass0(){
		var value=oldPass.value;
		var group=oformGroup[1];
		var box=oIco.parentNode;
		var problem=null;

		if(value==""){
			problem="密码不得为空！";
		}else if(value.length<6 || value.length>18){
			problem="密码必须是英文字符 6-18 位！";
		}

		if(problem!==null){
			// Invalid: flag the group and show the reason.
			group.classList.add('has-error');
			oIco.classList.add('warning');
			oInfo.innerHTML=problem;
			box.classList.add('alert-warning');
			return false;
		}

		// Valid: swap the warning styling for the success styling.
		group.classList.remove('has-error');
		group.classList.add('has-success');
		oIco.classList.add('success');
		oIco.classList.remove('warning');
		oInfo.innerHTML="英文字符 6-12 位！";
		box.classList.add('alert-success');
		box.classList.remove('alert-warning');
		return true;
	}

	/**
	 * Validate the new-password field and update its hint box.
	 * Returns false when the field is empty or its length is outside 6..18,
	 * true otherwise. Browser-side convenience only; the server must not rely on it.
	 */
	function checkPass(){
		var value=pass.value;
		var group=oformGroup[2];
		var box=oIco1.parentNode;
		var problem=null;

		if(value==""){
			problem="修改密码不得为空！";
		}else if(value.length<6 || value.length>18){
			problem="密码必须是英文字符 6-18 位！";
		}

		if(problem!==null){
			// Invalid: flag the group and show the reason.
			group.classList.add('has-error');
			oIco1.classList.add('warning');
			oInfo1.innerHTML=problem;
			box.classList.add('alert-warning');
			return false;
		}

		// Valid: swap the warning styling for the success styling.
		group.classList.remove('has-error');
		group.classList.add('has-success');
		oIco1.classList.remove('warning');
		oIco1.classList.add('success');
		oInfo1.innerHTML="英文字符 6-18 位！";
		box.classList.remove('alert-warning');
		box.classList.add('alert-success');
		return true;
	}

	/**
	 * Check that the confirmation field repeats the new password and update its
	 * hint box. Returns true when the two values are equal, false otherwise.
	 * Browser-side convenience only; the server must not rely on it.
	 */
	function checkPass2(){
		var group=oformGroup[3];
		var box=oIco2.parentNode;

		if(pass2.value==pass.value){
			// Match: swap the warning styling for the success styling.
			group.classList.remove('has-error');
			group.classList.add('has-success');
			oIco2.classList.remove('warning');
			oIco2.classList.add('success');
			oInfo2.innerHTML="英文字符 6-18 位！";
			box.classList.remove('alert-warning');
			box.classList.add('alert-success');
			return true;
		}

		// Mismatch: flag the group and say why.
		group.classList.add('has-error');
		oIco2.classList.add('warning');
		oInfo2.innerHTML="确认密码与上面不一致！";
		box.classList.add('alert-warning');
		return false;
	}

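	/**
	 * onsubmit handler for the password form: returns true only when the current
	 * password, the new password and the confirmation all pass their checks.
	 *
	 * The previous version called checkUser(), which is not defined in this
	 * script, and never called checkPass0(). A ReferenceError inside an onsubmit
	 * handler does not cancel the submit, so the form could go out unvalidated.
	 *
	 * These checks are a convenience for the user; anyone can post the form
	 * without running them, so the server has to enforce the same rules.
	 */
	function checkUserName(){
		// Run every check (no short-circuit) so each field shows its own hint.
		var oldOk=checkPass0();
		var newOk=checkPass();
		var confirmOk=checkPass2();

		return oldOk && newOk && confirmOk;
	}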
</script>
